diff options
author | Timo Teräs <timo.teras@iki.fi> | 2013-01-08 16:02:18 +0200 |
---|---|---|
committer | Timo Teräs <timo.teras@iki.fi> | 2013-01-08 16:02:51 +0200 |
commit | 7a82240b4bb9837ff01fee1dadb37e1f17ee50b8 (patch) | |
tree | 556761e5c55e4324e047059b9c9ca02cc411a93e /main/ipsec-tools | |
parent | 0ae570839b82b1a33c976abf9974c97b3b18596d (diff) | |
download | aports-7a82240b4bb9837ff01fee1dadb37e1f17ee50b8.tar.bz2 aports-7a82240b4bb9837ff01fee1dadb37e1f17ee50b8.tar.xz |
main/ipsec-tools: upgrade to 0.8.1
remove patches present upstream
Diffstat (limited to 'main/ipsec-tools')
-rw-r--r-- | main/ipsec-tools/01-privsep-fix.patch | 46 | ||||
-rw-r--r-- | main/ipsec-tools/02-pfkey-buffer-size-fix.patch | 65 | ||||
-rw-r--r-- | main/ipsec-tools/03-list-foreach-fixes.patch | 59 | ||||
-rw-r--r-- | main/ipsec-tools/04-splitnet-malloc-fix.patch | 36 | ||||
-rw-r--r-- | main/ipsec-tools/05-bignum-alloc-fix.patch | 25 | ||||
-rw-r--r-- | main/ipsec-tools/APKBUILD | 16 |
6 files changed, 3 insertions, 244 deletions
diff --git a/main/ipsec-tools/01-privsep-fix.patch b/main/ipsec-tools/01-privsep-fix.patch deleted file mode 100644 index a4842a8ac..000000000 --- a/main/ipsec-tools/01-privsep-fix.patch +++ /dev/null @@ -1,46 +0,0 @@ -Please note that diffs are not public domain; they are subject to the -copyright notices on the relevant files. - -=================================================================== -RCS file: /ftp/cvs/cvsroot/src/crypto/dist/ipsec-tools/src/racoon/privsep.c,v -retrieving revision 1.21 -retrieving revision 1.21.2.1 -diff -u -p -r1.21 -r1.21.2.1 ---- ipsec-tools/src/racoon/privsep.c 2011/03/06 08:28:10 1.21 -+++ ipsec-tools/src/racoon/privsep.c 2011/08/12 05:46:06 1.21.2.1 -@@ -1,4 +1,4 @@ --/* $NetBSD: privsep.c,v 1.21 2011/03/06 08:28:10 tteras Exp $ */ -+/* $NetBSD: privsep.c,v 1.21.2.1 2011/08/12 05:46:06 tteras Exp $ */ - - /* Id: privsep.c,v 1.15 2005/08/08 11:23:44 vanhu Exp */ - -@@ -67,6 +67,7 @@ - #include "admin.h" - #include "sockmisc.h" - #include "privsep.h" -+#include "session.h" - - static int privsep_sock[2] = { -1, -1 }; - -@@ -193,6 +194,13 @@ privsep_recv(sock, bufp, lenp) - return 0; - } - -+static int -+privsep_do_exit(void *ctx, int fd) -+{ -+ kill(getpid(), SIGTERM); -+ return 0; -+} -+ - int - privsep_init(void) - { -@@ -273,6 +281,7 @@ privsep_init(void) - strerror(errno)); - return -1; - } -+ monitor_fd(privsep_sock[1], privsep_do_exit, NULL, 0); - - return 0; - break; diff --git a/main/ipsec-tools/02-pfkey-buffer-size-fix.patch b/main/ipsec-tools/02-pfkey-buffer-size-fix.patch deleted file mode 100644 index eb028304b..000000000 --- a/main/ipsec-tools/02-pfkey-buffer-size-fix.patch +++ /dev/null @@ -1,65 +0,0 @@ -Please note that diffs are not public domain; they are subject to the -copyright notices on the relevant files. - -=================================================================== -RCS file: /ftp/cvs/cvsroot/src/crypto/dist/ipsec-tools/src/libipsec/pfkey.c,v -retrieving revision 1.21 -retrieving revision 1.21.2.1 -diff -u -p -r1.21 -r1.21.2.1 ---- ipsec-tools/src/libipsec/pfkey.c 2011/01/20 16:08:35 1.21 -+++ ipsec-tools/src/libipsec/pfkey.c 2011/11/14 13:25:06 1.21.2.1 -@@ -1,4 +1,4 @@ --/* $NetBSD: pfkey.c,v 1.21 2011/01/20 16:08:35 vanhu Exp $ */ -+/* $NetBSD: pfkey.c,v 1.21.2.1 2011/11/14 13:25:06 tteras Exp $ */ - - /* $KAME: pfkey.c,v 1.47 2003/10/02 19:52:12 itojun Exp $ */ - -@@ -1783,7 +1783,9 @@ int - pfkey_open(void) - { - int so; -- int bufsiz = 128 * 1024; /*is 128K enough?*/ -+ int bufsiz_current, bufsiz_wanted; -+ int ret; -+ socklen_t len; - - if ((so = socket(PF_KEY, SOCK_RAW, PF_KEY_V2)) < 0) { - __ipsec_set_strerror(strerror(errno)); -@@ -1794,14 +1796,29 @@ pfkey_open(void) - * This is a temporary workaround for KAME PR 154. - * Don't really care even if it fails. - */ -- (void)setsockopt(so, SOL_SOCKET, SO_SNDBUF, &bufsiz, sizeof(bufsiz)); -- (void)setsockopt(so, SOL_SOCKET, SO_RCVBUF, &bufsiz, sizeof(bufsiz)); -- bufsiz = 256 * 1024; -- (void)setsockopt(so, SOL_SOCKET, SO_RCVBUF, &bufsiz, sizeof(bufsiz)); -- bufsiz = 512 * 1024; -- (void)setsockopt(so, SOL_SOCKET, SO_RCVBUF, &bufsiz, sizeof(bufsiz)); -- bufsiz = 1024 * 1024; -- (void)setsockopt(so, SOL_SOCKET, SO_RCVBUF, &bufsiz, sizeof(bufsiz)); -+ /* Try to have 128k. If we have more, do not lower it. */ -+ bufsiz_wanted = 128 * 1024; -+ len = sizeof(bufsiz_current); -+ ret = getsockopt(so, SOL_SOCKET, SO_SNDBUF, -+ &bufsiz_current, &len); -+ if ((ret < 0) || (bufsiz_current < bufsiz_wanted)) -+ (void)setsockopt(so, SOL_SOCKET, SO_SNDBUF, -+ &bufsiz_wanted, sizeof(bufsiz_wanted)); -+ -+ /* Try to have have at least 2MB. If we have more, do not lower it. */ -+ bufsiz_wanted = 2 * 1024 * 1024; -+ len = sizeof(bufsiz_current); -+ ret = getsockopt(so, SOL_SOCKET, SO_RCVBUF, -+ &bufsiz_current, &len); -+ if (ret < 0) -+ bufsiz_current = 128 * 1024; -+ -+ for (; bufsiz_wanted > bufsiz_current; bufsiz_wanted /= 2) { -+ if (setsockopt(so, SOL_SOCKET, SO_RCVBUF, -+ &bufsiz_wanted, sizeof(bufsiz_wanted)) == 0) -+ break; -+ } -+ - __ipsec_errcode = EIPSEC_NO_ERROR; - return so; - } diff --git a/main/ipsec-tools/03-list-foreach-fixes.patch b/main/ipsec-tools/03-list-foreach-fixes.patch deleted file mode 100644 index 9851b63ce..000000000 --- a/main/ipsec-tools/03-list-foreach-fixes.patch +++ /dev/null @@ -1,59 +0,0 @@ -Please note that diffs are not public domain; they are subject to the -copyright notices on the relevant files. - -=================================================================== -RCS file: /ftp/cvs/cvsroot/src/crypto/dist/ipsec-tools/src/racoon/handler.c,v -retrieving revision 1.39 -retrieving revision 1.40 -diff -u -p -r1.39 -r1.40 ---- ipsec-tools/src/racoon/handler.c 2011/03/14 17:18:12 1.39 -+++ ipsec-tools/src/racoon/handler.c 2011/11/17 14:41:55 1.40 -@@ -1,4 +1,4 @@ --/* $NetBSD: handler.c,v 1.39 2011/03/14 17:18:12 tteras Exp $ */ -+/* $NetBSD: handler.c,v 1.40 2011/11/17 14:41:55 vanhu Exp $ */ - - /* Id: handler.c,v 1.28 2006/05/26 12:17:29 manubsd Exp */ - -@@ -611,9 +611,11 @@ getph2byid(src, dst, spid) - struct sockaddr *src, *dst; - u_int32_t spid; - { -- struct ph2handle *p; -+ struct ph2handle *p, *next; -+ -+ for (p = LIST_FIRST(&ph2tree); p; p = next) { -+ next = LIST_NEXT(p, chain); - -- LIST_FOREACH(p, &ph2tree, chain) { - if (spid == p->spid && - cmpsaddr(src, p->src) <= CMPSADDR_WILDPORT_MATCH && - cmpsaddr(dst, p->dst) <= CMPSADDR_WILDPORT_MATCH){ -@@ -985,9 +987,11 @@ void - remcontacted(remote) - struct sockaddr *remote; - { -- struct contacted *p; -+ struct contacted *p, *next; -+ -+ for (p = LIST_FIRST(&ctdtree); p; p = next) { -+ next = LIST_NEXT(p, chain); - -- LIST_FOREACH(p, &ctdtree, chain) { - if (cmpsaddr(remote, p->remote) <= CMPSADDR_WILDPORT_MATCH) { - LIST_REMOVE(p, chain); - racoon_free(p->remote); -@@ -1555,10 +1559,12 @@ int - purgeph1bylogin(login) - char *login; - { -- struct ph1handle *p; -+ struct ph1handle *p, *next; - int found = 0; - -- LIST_FOREACH(p, &ph1tree, chain) { -+ for (p = LIST_FIRST(&ph1tree); p; p = next) { -+ next = LIST_NEXT(p, chain); -+ - if (p->mode_cfg == NULL) - continue; - if (strncmp(p->mode_cfg->login, login, LOGINLEN) == 0) { diff --git a/main/ipsec-tools/04-splitnet-malloc-fix.patch b/main/ipsec-tools/04-splitnet-malloc-fix.patch deleted file mode 100644 index 5f7aa8b90..000000000 --- a/main/ipsec-tools/04-splitnet-malloc-fix.patch +++ /dev/null @@ -1,36 +0,0 @@ -Please note that diffs are not public domain; they are subject to the -copyright notices on the relevant files. - -=================================================================== -RCS file: /ftp/cvs/cvsroot/src/crypto/dist/ipsec-tools/src/racoon/isakmp_unity.c,v -retrieving revision 1.9 -retrieving revision 1.9.18.1 -diff -u -p -r1.9 -r1.9.18.1 ---- ipsec-tools/src/racoon/isakmp_unity.c 2007/10/19 03:37:19 1.9 -+++ ipsec-tools/src/racoon/isakmp_unity.c 2012/01/01 17:32:04 1.9.18.1 -@@ -1,4 +1,4 @@ --/* $NetBSD: isakmp_unity.c,v 1.9 2007/10/19 03:37:19 manu Exp $ */ -+/* $NetBSD: isakmp_unity.c,v 1.9.18.1 2012/01/01 17:32:04 tteras Exp $ */ - - /* Id: isakmp_unity.c,v 1.10 2006/07/31 04:49:23 manubsd Exp */ - -@@ -387,8 +387,9 @@ char * splitnet_list_2str(list, splitnet - netentry = netentry->next; - } - -- /* allocate network list string */ -- str = racoon_malloc(len); -+ /* allocate network list string; we need the extra byte temporarily -+ * as sprintf() will write trailing 0-byte after the space. */ -+ str = racoon_malloc(len + 1); - if (str == NULL) - return NULL; - -@@ -414,6 +415,7 @@ char * splitnet_list_2str(list, splitnet - netentry = netentry->next; - } - -+ /* trim the string to not have trailing spaces */ - str[len-1]=0; - - return str; diff --git a/main/ipsec-tools/05-bignum-alloc-fix.patch b/main/ipsec-tools/05-bignum-alloc-fix.patch deleted file mode 100644 index 90c330ff4..000000000 --- a/main/ipsec-tools/05-bignum-alloc-fix.patch +++ /dev/null @@ -1,25 +0,0 @@ -Please note that diffs are not public domain; they are subject to the -copyright notices on the relevant files. - -=================================================================== -RCS file: /ftp/cvs/cvsroot/src/crypto/dist/ipsec-tools/src/racoon/crypto_openssl.c,v -retrieving revision 1.20 -retrieving revision 1.21 -diff -u -p -r1.20 -r1.21 ---- ipsec-tools/src/racoon/crypto_openssl.c 2010/10/20 13:40:02 1.20 -+++ ipsec-tools/src/racoon/crypto_openssl.c 2012/08/15 14:51:30 1.21 -@@ -1,4 +1,4 @@ --/* $NetBSD: crypto_openssl.c,v 1.20 2010/10/20 13:40:02 tteras Exp $ */ -+/* $NetBSD: crypto_openssl.c,v 1.21 2012/08/15 14:51:30 manu Exp $ */ - - /* Id: crypto_openssl.c,v 1.47 2006/05/06 20:42:09 manubsd Exp */ - -@@ -2501,7 +2501,7 @@ eay_bn2v(var, bn) - vchar_t **var; - BIGNUM *bn; - { -- *var = vmalloc(bn->top * BN_BYTES); -+ *var = vmalloc(BN_num_bytes(bn)); - if (*var == NULL) - return(-1); - diff --git a/main/ipsec-tools/APKBUILD b/main/ipsec-tools/APKBUILD index 24b6d0485..e62082f80 100644 --- a/main/ipsec-tools/APKBUILD +++ b/main/ipsec-tools/APKBUILD @@ -1,7 +1,7 @@ # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=ipsec-tools -pkgver=0.8.0 -pkgrel=5 +pkgver=0.8.1 +pkgrel=0 pkgdesc="User-space IPsec tools for various IPsec implementations" url="http://ipsec-tools.sourceforge.net/" arch="all" @@ -12,11 +12,6 @@ subpackages="$pkgname-doc $pkgname-dev" source="http://downloads.sourceforge.net/$pkgname/$pkgname-$pkgver.tar.gz racoon.initd racoon.confd - 01-privsep-fix.patch - 02-pfkey-buffer-size-fix.patch - 03-list-foreach-fixes.patch - 04-splitnet-malloc-fix.patch - 05-bignum-alloc-fix.patch 20-grekey-support.patch 50-reverse-connect.patch 70-defer-isakmp-ident-handling.patch @@ -62,14 +57,9 @@ package() { install -D -m644 ../racoon.confd "$pkgdir"/etc/conf.d/racoon } -md5sums="c9a318cdbc0946f4e51464866d529739 ipsec-tools-0.8.0.tar.gz +md5sums="4d5d5ccc402c9c6bec0e87217e451fe5 ipsec-tools-0.8.1.tar.gz 74f12ed04ed273a738229c0bfbf829cc racoon.initd 2d00250cf72da7f2f559c91b65a48747 racoon.confd -518349f275fafcabed7751b943a5cfaf 01-privsep-fix.patch -44171d829782105d368cd0c99b784da9 02-pfkey-buffer-size-fix.patch -fc3ac8a58b50bc231e3d45bd619b199e 03-list-foreach-fixes.patch -272ca19929bdf387fe9e3fab7ab3e270 04-splitnet-malloc-fix.patch -51e9065f0267afdd91705f78bf27a337 05-bignum-alloc-fix.patch 79b919ab23080f54dc3e7686877ca6bd 20-grekey-support.patch f97205eea3dc68d2437a2ad8720f4520 50-reverse-connect.patch 94773c94233e14cdce0fa02ff780a43e 70-defer-isakmp-ident-handling.patch |